Detect SQLi
Manual SQL Injection Discovery Tips
NetSPI SQL Injection Wiki
MySQL:
PentestMonkey's mySQL injection cheat sheet
Reiners mySQL injection Filter Evasion Cheatsheet
Alternative for Information_Schema.Tables in MySQL
The SQL Injection Knowledge base
MSSQL:
EvilSQL's Error/Union/Blind MSSQL Cheatsheet
PentestMonkey's MSSQL SQLi injection Cheat Sheet
ORACLE:
PentestMonkey's Oracle SQLi Cheatsheet
POSTGRESQL:
PentestMonkey's Postgres SQLi Cheatsheet
Others
SQLi Cheatsheet - NetSparker
Access SQLi Cheatsheet
PentestMonkey's Ingres SQL Injection Cheat Sheet
Pentestmonkey's DB2 SQL Injection Cheat Sheet
Pentestmonkey's Informix SQL Injection Cheat Sheet
SQLite3 Injection Cheat sheet
Ruby on Rails (Active Record) SQL Injection Guide
ForkBombers SQLMap Tamper Scripts Update
SQLi in INSERT worse than SELECT
Manual SQL Injection Tips
Second Order:
Analyzing CVE-2018-6376 – Joomla!, Second Order SQL Injection
Exploiting Second Order SQLi Flaws by using Burp & Custom Sqlmap Tamper
Sqlmap:
#SQLmap protip @zh4ck
Last updated 3 years ago